{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T19:22:08.568","vulnerabilities":[{"cve":{"id":"CVE-2024-1233","sourceIdentifier":"secalert@redhat.com","published":"2024-04-09T07:15:08.060","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability."},{"lang":"es","value":"Se encontró una falla en `JwtValidator.resolvePublicKey` en JBoss EAP, donde el validador verifica jku y envía una solicitud HTTP. Durante este proceso, no se realiza ninguna lista blanca ni ningún otro comportamiento de filtrado en la dirección URL de destino, lo que puede provocar una vulnerabilidad Server-Side Request Forgery (SSRF)."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:3559","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3560","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3561","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3563","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3580","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3581","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3583","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9582","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9583","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2024-1233","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2262849","source":"secalert@redhat.com"},{"url":"https://github.com/advisories/GHSA-v4mm-q8fv-r2w5","source":"secalert@redhat.com"},{"url":"https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523","source":"secalert@redhat.com"},{"url":"https://issues.redhat.com/browse/WFLY-19226","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3559","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:3560","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:3561","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:3563","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:3580","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:3581","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:3583","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/security/cve/CVE-2024-1233","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2262849","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/advisories/GHSA-v4mm-q8fv-r2w5","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://issues.redhat.com/browse/WFLY-19226","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}